Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 15 Oct 2013 23:50:08 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request : poppler < 0.13.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/14/2013 06:38 AM, Marcus Meissner wrote:
> Hi,
> 
> Kurt? Could you assign a CVE please?
> 
> SUSE is affected by this in SLE11.
> 
> Ciao, Marcus On Wed, Sep 18, 2013 at 09:53:33AM +0200, etienne
> wrote: Hi, I'd like to request a CVE number for the following
> issue 
> http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071d800cb4329a3ccf898d7bf16b4db7323ad8
>
>  The bug has been fixed in poppler 0.13.3, back in 2010, though it
> is still present and exploitable in several distributions.
> 
> Thanks,
> 
> Etienne

Please use CVE-2010-5110 for this issue. Apologies, we had
Thanksgiving so I was out for a few days.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBAgAGBQJSXikPAAoJEBYNRVNeJnmToJkQANAi0Hz6HxDvwrK6MshUbrLj
JmL9s4uZKni8eiVFVxmx30Kwrmct9guWebm9nyMs8Zjw+nOX8tyfXB2UJt4klyYi
wb8UruqBWmOg329DYKWV0NgQ09V9e2mCOiW6Fjl0DPnRVipr3H55mvvQi4nQhgAA
NU3QcJ93eFJeXZInav+1kaG3qz0/qUDiV+IPClscEYNG0IuC5fAbGYqUsKiZbkrq
2+1mdoiTSTv7GIcYcr5l4bUaR/0c/smZKeobDHByNeGgPQZy7KYrD26U4cL+Jl+E
Sv6On2eNkSnZjnLBJPuVAv5dZfRG77kgGxSY65emaukCWq9yRnNnL1KSG1hHbD48
ya18BJmOrDBWdCDcReVW1kPK6fMkS8hmnaZEprKVHjJLslP9qTLBPqbNTaUx81n3
OkNLCRlxaGOOi0njeZ4gY+hy5ccMcYuz5TFwKsXIXSrc0EdFtZSdyOsbUw9TRAI1
5TWpCfjJ2q+tQolTCbPOx2AzrNeoLRCM9VFyESSO89VndCPdZd+809C8mlcjWjnk
ikfFRDXjqu8M5hvZMGs0fsKtNJejFepvbCbgaquAZ1+o20Gwv2I2KQLLCH9M5vNJ
H6jvw1MawDrzQUNZpwDZD4slpU9l4PJNa4XF4ds67A0hS/fWxtInd/EdXvzxuMiS
/h5MK4NPZICoIga0vccG
=vyNv
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.